Goal? LLMjacking and GPUjacking. Token mining is the new cryptomining.
Sysdig Threat Research Team (TRT) just published a report about an attack on an AWS environment featuring LLM use for recon, the classic "old credentials in a public S3 bucket" issue, and LLMjacking and GPUjacking as the objectives.
Highlights:
- Initial access came from exposed credentials in a public S3 bucket, tied to AI workflows and discoverable via predictable naming.
- The attacker moved fast, with indicators suggesting LLMs helped automate reconnaissance, generate code, and make next-step decisions in real time.
- Privilege escalation used a serverless path, including Lambda update and code injection style activity, until administrative access was achieved.
- Post-compromise behavior aligned with monetization through AI and compute abuse, including Bedrock usage and GPU instance provisioning.
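An added example, not from the Sysdig report or this post: one way to correlate the chain above in CloudTrail-style records, flagging a principal that updates Lambda code and then invokes Bedrock or launches GPU instances within an hour. The sample events, the one-hour window, the P/G-family GPU pattern, and the function names are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

GPU_TYPE = re.compile(r"^[pg]\d")  # assumption: EC2 P and G families are the GPU types

def stage(ev):
    """Map one CloudTrail record to a stage of the chain, or None."""
    src, name = ev["eventSource"], ev["eventName"]
    if src == "lambda.amazonaws.com" and name.startswith("UpdateFunctionCode"):
        return "lambda_code_update"
    if src == "bedrock.amazonaws.com" and name.startswith(("InvokeModel", "Converse")):
        return "bedrock_invoke"
    if src == "ec2.amazonaws.com" and name == "RunInstances":
        itype = (ev.get("requestParameters") or {}).get("instanceType", "")
        return "gpu_launch" if GPU_TYPE.match(itype) else None
    return None

def suspicious_principals(events, window=timedelta(hours=1)):
    """Principals that update Lambda code, then use Bedrock or GPUs within `window`."""
    by_arn = defaultdict(list)
    for ev in events:
        s = stage(ev)
        if s:
            t = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
            by_arn[ev["userIdentity"]["arn"]].append((t, s))
    hits = {}
    for arn, seen in by_arn.items():
        for t0, s0 in seen:
            if s0 != "lambda_code_update":
                continue
            later = {s for t, s in seen if t0 < t <= t0 + window and s != s0}
            if later:
                hits.setdefault(arn, {s0}).update(later)
    return {arn: sorted(s) for arn, s in hits.items()}

def _ev(time, source, name, user, params=None):  # builds a constructed sample record
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "userIdentity": {"arn": f"arn:aws:iam::111122223333:user/{user}"},
            "requestParameters": params}

SAMPLE = [  # constructed events, not taken from the report
    _ev("2025-01-01T10:00:00Z", "lambda.amazonaws.com", "UpdateFunctionCode20150331v2", "user-a"),
    _ev("2025-01-01T10:07:00Z", "bedrock.amazonaws.com", "InvokeModel", "user-a"),
    _ev("2025-01-01T10:12:00Z", "ec2.amazonaws.com", "RunInstances", "user-a", {"instanceType": "p4d.24xlarge"}),
    _ev("2025-01-01T09:00:00Z", "ec2.amazonaws.com", "RunInstances", "user-b", {"instanceType": "t3.micro"}),
    _ev("2025-01-01T11:00:00Z", "bedrock.amazonaws.com", "InvokeModel", "user-b"),
]

if __name__ == "__main__":
    print(suspicious_principals(SAMPLE))
```

Keying on the principal ARN misses a chain that switches identities after escalation, so a real rule would also correlate on source IP or session context.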
My take:
- LLMs are predictably collapsing the attacker timeline. Recon, planning, and iteration that used to take hours now happen in minutes.
- Pressure to implement AI in enterprises is surfacing basic security failures, especially in organizations without secure-by-design infrastructure.
- Expect more LLMjacking and GPUjacking. This is starting to look like cryptomining, except tokens are the new currency.